Fix a case where a failure in strdup() after a successful kzalloc()
could lead to a crash later on. Also, change the function signature
to allow returning an error code, which can be returned a the return
value of ima_restore_measurement_list().
Signed-off-by: Konsta Karsisto <konsta.karsisto@xxxxxxxxx>
---
Unfortunately, I'm not familiar with the ima kexec cofiguration,
and thus this has been compile tested only.
security/integrity/ima/ima_template.c | 22 +++++++++++++---------
1 file changed, 13 insertions(+), 9 deletions(-)
diff --git a/security/integrity/ima/ima_template.c b/security/integrity/ima/ima_template.c
index 6aa6408603e3..6b1964cbcbf5 100644
--- a/security/integrity/ima/ima_template.c
+++ b/security/integrity/ima/ima_template.c
@@ -270,7 +270,7 @@ int __init ima_init_template(void)
return result;
}
-static struct ima_template_desc *restore_template_fmt(char *template_name)
+static int restore_template_fmt(char *template_name, struct ima_template_desc **returned_desc)
{
struct ima_template_desc *template_desc = NULL;
int ret;
@@ -279,23 +279,27 @@ static struct ima_template_desc *restore_template_fmt(char *template_name)
if (ret < 0) {
pr_err("attempting to initialize the template \"%s\" failed\n",
template_name);
- goto out;
+ return ret;
}
template_desc = kzalloc(sizeof(*template_desc), GFP_KERNEL);
if (!template_desc)
- goto out;
+ return -ENOMEM;
template_desc->name = "";
template_desc->fmt = kstrdup(template_name, GFP_KERNEL);
- if (!template_desc->fmt)
- goto out;
+ if (!template_desc->fmt) {
+ kfree(template_desc);
+ return -ENOMEM;
+ }
spin_lock(&template_list);
list_add_tail_rcu(&template_desc->list, &defined_templates);
spin_unlock(&template_list);
-out:
- return template_desc;
+
+ *returned_desc = template_desc;
+
+ return 0;
}
static int ima_restore_template_data(struct ima_template_desc *template_desc,
@@ -421,8 +425,8 @@ int ima_restore_measurement_list(loff_t size, void *buf)
template_desc = lookup_template_desc(template_name);
if (!template_desc) {
- template_desc = restore_template_fmt(template_name);
- if (!template_desc)
+ ret = restore_template_fmt(template_name, &template_desc);
+ if (ret < 0)
break;
}
--
2.17.1
